Merge remote-tracking branch 'mbedtls-2.28' into mbedtls-2.28-restricted
diff --git a/programs/test/metatest.c b/programs/test/metatest.c
index 2973cce..b8dffa9 100644
--- a/programs/test/metatest.c
+++ b/programs/test/metatest.c
@@ -46,6 +46,12 @@
  */
 volatile int false_but_the_compiler_does_not_know = 0;
 
+/* Hide calls to calloc/free from static checkers such as
+ * `gcc-12 -Wuse-after-free`, to avoid compile-time complaints about
+ * code where we do mean to cause a runtime error. */
+void * (* volatile calloc_but_the_compiler_does_not_know)(size_t, size_t) = mbedtls_calloc;
+void(*volatile free_but_the_compiler_does_not_know)(void *) = mbedtls_free;
+
 /* Set n bytes at the address p to all-bits-zero, in such a way that
  * the compiler should not know that p is all-bits-zero. */
 static void set_to_zero_but_the_compiler_does_not_know(volatile void *p, size_t n)
@@ -98,9 +104,9 @@
 void read_after_free(const char *name)
 {
     (void) name;
-    volatile char *p = mbedtls_calloc(1, 1);
+    volatile char *p = calloc_but_the_compiler_does_not_know(1, 1);
     *p = 'a';
-    mbedtls_free((void *) p);
+    free_but_the_compiler_does_not_know((void *) p);
     /* Undefined behavior (read after free) */
     mbedtls_printf("%u\n", (unsigned) *p);
 }
@@ -108,11 +114,11 @@
 void double_free(const char *name)
 {
     (void) name;
-    volatile char *p = mbedtls_calloc(1, 1);
+    volatile char *p = calloc_but_the_compiler_does_not_know(1, 1);
     *p = 'a';
-    mbedtls_free((void *) p);
+    free_but_the_compiler_does_not_know((void *) p);
     /* Undefined behavior (double free) */
-    mbedtls_free((void *) p);
+    free_but_the_compiler_does_not_know((void *) p);
 }
 
 void read_uninitialized_stack(const char *name)
@@ -132,7 +138,7 @@
 void memory_leak(const char *name)
 {
     (void) name;
-    volatile char *p = mbedtls_calloc(1, 1);
+    volatile char *p = calloc_but_the_compiler_does_not_know(1, 1);
     mbedtls_printf("%u\n", (unsigned) *p);
     /* Leak of a heap object */
 }
diff --git a/scripts/find-mem-leak.cocci b/scripts/find-mem-leak.cocci
deleted file mode 100644
index 8179e2b..0000000
--- a/scripts/find-mem-leak.cocci
+++ /dev/null
@@ -1,20 +0,0 @@
-@@
-expression x, y;
-statement S;
-@@
-  x = mbedtls_calloc(...);
-  y = mbedtls_calloc(...);
-  ...
-* if (x == NULL || y == NULL)
-    S
-
-@@
-expression x, y;
-statement S;
-@@
-  if (
-*   (x = mbedtls_calloc(...)) == NULL
-    ||
-*   (y = mbedtls_calloc(...)) == NULL
-  )
-    S
diff --git a/scripts/mbedtls_dev/crypto_data_tests.py b/scripts/mbedtls_dev/crypto_data_tests.py
new file mode 100644
index 0000000..bad26fd
--- /dev/null
+++ b/scripts/mbedtls_dev/crypto_data_tests.py
@@ -0,0 +1,112 @@
+"""Generate test data for cryptographic mechanisms.
+This module is a work in progress, only implementing a few cases for now.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+
+import hashlib
+from typing import Callable, Dict, Iterator, List, Optional #pylint: disable=unused-import
+
+from . import crypto_knowledge
+from . import psa_information
+from . import test_case
+
+
+def psa_low_level_dependencies(*expressions: str) -> List[str]:
+    """Infer dependencies of a PSA low-level test case by looking for PSA_xxx symbols.
+    This function generates MBEDTLS_PSA_BUILTIN_xxx symbols.
+    """
+    high_level = psa_information.automatic_dependencies(*expressions)
+    for dep in high_level:
+        assert dep.startswith('PSA_WANT_')
+    return ['MBEDTLS_PSA_BUILTIN_' + dep[9:] for dep in high_level]
+
+
+class HashPSALowLevel:
+    """Generate test cases for the PSA low-level hash interface."""
+
+    def __init__(self, info: psa_information.Information) -> None:
+        self.info = info
+        base_algorithms = sorted(info.constructors.algorithms)
+        all_algorithms = \
+            [crypto_knowledge.Algorithm(expr)
+             for expr in info.constructors.generate_expressions(base_algorithms)]
+        self.algorithms = \
+            [alg
+             for alg in all_algorithms
+             if (not alg.is_wildcard and
+                 alg.can_do(crypto_knowledge.AlgorithmCategory.HASH))]
+
+    # CALCULATE[alg] = function to return the hash of its argument in hex
+    # TO-DO: implement the None entries with a third-party library, because
+    # hashlib might not have everything, depending on the Python version and
+    # the underlying OpenSSL. On Ubuntu 16.04, truncated sha512 and sha3/shake
+    # are not available. On Ubuntu 22.04, md2, md4 and ripemd160 are not
+    # available.
+    CALCULATE = {
+        'PSA_ALG_MD2': None,
+        'PSA_ALG_MD4': None,
+        'PSA_ALG_MD5': lambda data: hashlib.md5(data).hexdigest(),
+        'PSA_ALG_RIPEMD160': None, #lambda data: hashlib.new('ripdemd160').hexdigest()
+        'PSA_ALG_SHA_1': lambda data: hashlib.sha1(data).hexdigest(),
+        'PSA_ALG_SHA_224': lambda data: hashlib.sha224(data).hexdigest(),
+        'PSA_ALG_SHA_256': lambda data: hashlib.sha256(data).hexdigest(),
+        'PSA_ALG_SHA_384': lambda data: hashlib.sha384(data).hexdigest(),
+        'PSA_ALG_SHA_512': lambda data: hashlib.sha512(data).hexdigest(),
+        'PSA_ALG_SHA_512_224': None, #lambda data: hashlib.new('sha512_224').hexdigest()
+        'PSA_ALG_SHA_512_256': None, #lambda data: hashlib.new('sha512_256').hexdigest()
+        'PSA_ALG_SHA3_224': None, #lambda data: hashlib.sha3_224(data).hexdigest(),
+        'PSA_ALG_SHA3_256': None, #lambda data: hashlib.sha3_256(data).hexdigest(),
+        'PSA_ALG_SHA3_384': None, #lambda data: hashlib.sha3_384(data).hexdigest(),
+        'PSA_ALG_SHA3_512': None, #lambda data: hashlib.sha3_512(data).hexdigest(),
+        'PSA_ALG_SHAKE256_512': None, #lambda data: hashlib.shake_256(data).hexdigest(64),
+    } #type: Dict[str, Optional[Callable[[bytes], str]]]
+
+    @staticmethod
+    def one_test_case(alg: crypto_knowledge.Algorithm,
+                      function: str, note: str,
+                      arguments: List[str]) -> test_case.TestCase:
+        """Construct one test case involving a hash."""
+        tc = test_case.TestCase()
+        tc.set_description('{}{} {}'
+                           .format(function,
+                                   ' ' + note if note else '',
+                                   alg.short_expression()))
+        tc.set_dependencies(psa_low_level_dependencies(alg.expression))
+        tc.set_function(function)
+        tc.set_arguments([alg.expression] +
+                         ['"{}"'.format(arg) for arg in arguments])
+        return tc
+
+    def test_cases_for_hash(self,
+                            alg: crypto_knowledge.Algorithm
+                            ) -> Iterator[test_case.TestCase]:
+        """Enumerate all test cases for one hash algorithm."""
+        calc = self.CALCULATE[alg.expression]
+        if calc is None:
+            return # not implemented yet
+
+        short = b'abc'
+        hash_short = calc(short)
+        long = (b'Hello, world. Here are 16 unprintable bytes: ['
+                b'\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a'
+                b'\x80\x81\x82\x83\xfe\xff]. '
+                b' This message was brought to you by a natural intelligence. '
+                b' If you can read this, good luck with your debugging!')
+        hash_long = calc(long)
+
+        yield self.one_test_case(alg, 'hash_empty', '', [calc(b'')])
+        yield self.one_test_case(alg, 'hash_valid_one_shot', '',
+                                 [short.hex(), hash_short])
+        for n in [0, 1, 64, len(long) - 1, len(long)]:
+            yield self.one_test_case(alg, 'hash_valid_multipart',
+                                     '{} + {}'.format(n, len(long) - n),
+                                     [long[:n].hex(), calc(long[:n]),
+                                      long[n:].hex(), hash_long])
+
+    def all_test_cases(self) -> Iterator[test_case.TestCase]:
+        """Enumerate all test cases for all hash algorithms."""
+        for alg in self.algorithms:
+            yield from self.test_cases_for_hash(alg)
diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py
new file mode 100644
index 0000000..a3a84f6
--- /dev/null
+++ b/scripts/mbedtls_dev/psa_information.py
@@ -0,0 +1,106 @@
+"""Collect information about PSA cryptographic mechanisms.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+
+import re
+from typing import Dict, FrozenSet, List, Optional
+
+from . import macro_collector
+
+
+def psa_want_symbol(name: str) -> str:
+    """Return the PSA_WANT_xxx symbol associated with a PSA crypto feature."""
+    if name.startswith('PSA_'):
+        return name[:4] + 'WANT_' + name[4:]
+    else:
+        raise ValueError('Unable to determine the PSA_WANT_ symbol for ' + name)
+
+def finish_family_dependency(dep: str, bits: int) -> str:
+    """Finish dep if it's a family dependency symbol prefix.
+    A family dependency symbol prefix is a PSA_WANT_ symbol that needs to be
+    qualified by the key size. If dep is such a symbol, finish it by adjusting
+    the prefix and appending the key size. Other symbols are left unchanged.
+    """
+    return re.sub(r'_FAMILY_(.*)', r'_\1_' + str(bits), dep)
+
+def finish_family_dependencies(dependencies: List[str], bits: int) -> List[str]:
+    """Finish any family dependency symbol prefixes.
+    Apply `finish_family_dependency` to each element of `dependencies`.
+    """
+    return [finish_family_dependency(dep, bits) for dep in dependencies]
+
+SYMBOLS_WITHOUT_DEPENDENCY = frozenset([
+    'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', # modifier, only in policies
+    'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # modifier
+    'PSA_ALG_ANY_HASH', # only in policies
+    'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', # modifier, only in policies
+    'PSA_ALG_KEY_AGREEMENT', # chaining
+    'PSA_ALG_TRUNCATED_MAC', # modifier
+])
+
+def automatic_dependencies(*expressions: str) -> List[str]:
+    """Infer dependencies of a test case by looking for PSA_xxx symbols.
+    The arguments are strings which should be C expressions. Do not use
+    string literals or comments as this function is not smart enough to
+    skip them.
+    """
+    used = set()
+    for expr in expressions:
+        used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr))
+    used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY)
+    return sorted(psa_want_symbol(name) for name in used)
+
+# A temporary hack: at the time of writing, not all dependency symbols
+# are implemented yet. Skip test cases for which the dependency symbols are
+# not available. Once all dependency symbols are available, this hack must
+# be removed so that a bug in the dependency symbols properly leads to a test
+# failure.
+def read_implemented_dependencies(filename: str) -> FrozenSet[str]:
+    return frozenset(symbol
+                     for line in open(filename)
+                     for symbol in re.findall(r'\bPSA_WANT_\w+\b', line))
+_implemented_dependencies = None #type: Optional[FrozenSet[str]] #pylint: disable=invalid-name
+
+def hack_dependencies_not_implemented(dependencies: List[str]) -> None:
+    global _implemented_dependencies #pylint: disable=global-statement,invalid-name
+    if _implemented_dependencies is None:
+        _implemented_dependencies = \
+            read_implemented_dependencies('include/psa/crypto_config.h')
+    if not all((dep.lstrip('!') in _implemented_dependencies or
+                not dep.lstrip('!').startswith('PSA_WANT'))
+               for dep in dependencies):
+        dependencies.append('DEPENDENCY_NOT_IMPLEMENTED_YET')
+
+class Information:
+    """Gather information about PSA constructors."""
+
+    def __init__(self) -> None:
+        self.constructors = self.read_psa_interface()
+
+    @staticmethod
+    def remove_unwanted_macros(
+            constructors: macro_collector.PSAMacroEnumerator
+    ) -> None:
+        # Mbed TLS doesn't support finite-field DH yet and will not support
+        # finite-field DSA. Don't attempt to generate any related test case.
+        constructors.key_types.discard('PSA_KEY_TYPE_DH_KEY_PAIR')
+        constructors.key_types.discard('PSA_KEY_TYPE_DH_PUBLIC_KEY')
+        constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR')
+        constructors.key_types.discard('PSA_KEY_TYPE_DSA_PUBLIC_KEY')
+
+    def read_psa_interface(self) -> macro_collector.PSAMacroEnumerator:
+        """Return the list of known key types, algorithms, etc."""
+        constructors = macro_collector.InputsForTest()
+        header_file_names = ['include/psa/crypto_values.h',
+                             'include/psa/crypto_extra.h']
+        test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data']
+        for header_file_name in header_file_names:
+            constructors.parse_header(header_file_name)
+        for test_cases in test_suites:
+            constructors.parse_test_cases(test_cases)
+        self.remove_unwanted_macros(constructors)
+        constructors.gather_arguments()
+        return constructors
diff --git a/scripts/rm-calloc-cast.cocci b/scripts/rm-calloc-cast.cocci
deleted file mode 100644
index 89481c0..0000000
--- a/scripts/rm-calloc-cast.cocci
+++ /dev/null
@@ -1,7 +0,0 @@
-@rm_calloc_cast@
-expression x, n, m;
-type T;
-@@
-  x =
-- (T *)
-  mbedtls_calloc(n, m)
diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
index fde8cc5..17153b7 100644
--- a/tests/include/test/helpers.h
+++ b/tests/include/test/helpers.h
@@ -19,6 +19,21 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
+#if defined(__SANITIZE_ADDRESS__) /* gcc -fsanitize=address */
+#  define MBEDTLS_TEST_HAVE_ASAN
+#endif
+#if defined(__has_feature)
+#  if __has_feature(address_sanitizer) /* clang -fsanitize=address */
+#    define MBEDTLS_TEST_HAVE_ASAN
+#  endif
+#  if __has_feature(memory_sanitizer) /* clang -fsanitize=memory */
+#    define MBEDTLS_TEST_HAVE_MSAN
+#  endif
+#  if __has_feature(thread_sanitizer) /* clang -fsanitize=thread */
+#    define MBEDTLS_TEST_HAVE_TSAN
+#  endif
+#endif
+
 #if defined(MBEDTLS_THREADING_C) && defined(MBEDTLS_THREADING_PTHREAD) && \
     defined(MBEDTLS_TEST_HOOKS)
 #define MBEDTLS_TEST_MUTEX_USAGE
diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py
index 955a5f3..faebe51 100755
--- a/tests/scripts/generate_psa_tests.py
+++ b/tests/scripts/generate_psa_tests.py
@@ -14,109 +14,15 @@
 from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional
 
 import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import crypto_data_tests
 from mbedtls_dev import crypto_knowledge
-from mbedtls_dev import macro_collector
+from mbedtls_dev import macro_collector #pylint: disable=unused-import
+from mbedtls_dev import psa_information
 from mbedtls_dev import psa_storage
 from mbedtls_dev import test_case
 from mbedtls_dev import test_data_generation
 
 
-def psa_want_symbol(name: str) -> str:
-    """Return the PSA_WANT_xxx symbol associated with a PSA crypto feature."""
-    if name.startswith('PSA_'):
-        return name[:4] + 'WANT_' + name[4:]
-    else:
-        raise ValueError('Unable to determine the PSA_WANT_ symbol for ' + name)
-
-def finish_family_dependency(dep: str, bits: int) -> str:
-    """Finish dep if it's a family dependency symbol prefix.
-
-    A family dependency symbol prefix is a PSA_WANT_ symbol that needs to be
-    qualified by the key size. If dep is such a symbol, finish it by adjusting
-    the prefix and appending the key size. Other symbols are left unchanged.
-    """
-    return re.sub(r'_FAMILY_(.*)', r'_\1_' + str(bits), dep)
-
-def finish_family_dependencies(dependencies: List[str], bits: int) -> List[str]:
-    """Finish any family dependency symbol prefixes.
-
-    Apply `finish_family_dependency` to each element of `dependencies`.
-    """
-    return [finish_family_dependency(dep, bits) for dep in dependencies]
-
-SYMBOLS_WITHOUT_DEPENDENCY = frozenset([
-    'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', # modifier, only in policies
-    'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # modifier
-    'PSA_ALG_ANY_HASH', # only in policies
-    'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', # modifier, only in policies
-    'PSA_ALG_KEY_AGREEMENT', # chaining
-    'PSA_ALG_TRUNCATED_MAC', # modifier
-])
-def automatic_dependencies(*expressions: str) -> List[str]:
-    """Infer dependencies of a test case by looking for PSA_xxx symbols.
-
-    The arguments are strings which should be C expressions. Do not use
-    string literals or comments as this function is not smart enough to
-    skip them.
-    """
-    used = set()
-    for expr in expressions:
-        used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr))
-    used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY)
-    return sorted(psa_want_symbol(name) for name in used)
-
-# A temporary hack: at the time of writing, not all dependency symbols
-# are implemented yet. Skip test cases for which the dependency symbols are
-# not available. Once all dependency symbols are available, this hack must
-# be removed so that a bug in the dependency symbols properly leads to a test
-# failure.
-def read_implemented_dependencies(filename: str) -> FrozenSet[str]:
-    return frozenset(symbol
-                     for line in open(filename)
-                     for symbol in re.findall(r'\bPSA_WANT_\w+\b', line))
-_implemented_dependencies = None #type: Optional[FrozenSet[str]] #pylint: disable=invalid-name
-def hack_dependencies_not_implemented(dependencies: List[str]) -> None:
-    global _implemented_dependencies #pylint: disable=global-statement,invalid-name
-    if _implemented_dependencies is None:
-        _implemented_dependencies = \
-            read_implemented_dependencies('include/psa/crypto_config.h')
-    if not all((dep.lstrip('!') in _implemented_dependencies or 'PSA_WANT' not in dep)
-               for dep in dependencies):
-        dependencies.append('DEPENDENCY_NOT_IMPLEMENTED_YET')
-
-
-class Information:
-    """Gather information about PSA constructors."""
-
-    def __init__(self) -> None:
-        self.constructors = self.read_psa_interface()
-
-    @staticmethod
-    def remove_unwanted_macros(
-            constructors: macro_collector.PSAMacroEnumerator
-    ) -> None:
-        # Mbed TLS doesn't support finite-field DH yet and will not support
-        # finite-field DSA. Don't attempt to generate any related test case.
-        constructors.key_types.discard('PSA_KEY_TYPE_DH_KEY_PAIR')
-        constructors.key_types.discard('PSA_KEY_TYPE_DH_PUBLIC_KEY')
-        constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR')
-        constructors.key_types.discard('PSA_KEY_TYPE_DSA_PUBLIC_KEY')
-
-    def read_psa_interface(self) -> macro_collector.PSAMacroEnumerator:
-        """Return the list of known key types, algorithms, etc."""
-        constructors = macro_collector.InputsForTest()
-        header_file_names = ['include/psa/crypto_values.h',
-                             'include/psa/crypto_extra.h']
-        test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data']
-        for header_file_name in header_file_names:
-            constructors.parse_header(header_file_name)
-        for test_cases in test_suites:
-            constructors.parse_test_cases(test_cases)
-        self.remove_unwanted_macros(constructors)
-        constructors.gather_arguments()
-        return constructors
-
-
 def test_case_for_key_type_not_supported(
         verb: str, key_type: str, bits: int,
         dependencies: List[str],
@@ -126,7 +32,7 @@
     """Return one test case exercising a key creation method
     for an unsupported key type or size.
     """
-    hack_dependencies_not_implemented(dependencies)
+    psa_information.hack_dependencies_not_implemented(dependencies)
     tc = test_case.TestCase()
     short_key_type = crypto_knowledge.short_expression(key_type)
     adverb = 'not' if dependencies else 'never'
@@ -142,7 +48,7 @@
 class KeyTypeNotSupported:
     """Generate test cases for when a key type is not supported."""
 
-    def __init__(self, info: Information) -> None:
+    def __init__(self, info: psa_information.Information) -> None:
         self.constructors = info.constructors
 
     ALWAYS_SUPPORTED = frozenset([
@@ -166,10 +72,10 @@
             # They would be skipped in all configurations, which is noise.
             return
         import_dependencies = [('!' if param is None else '') +
-                               psa_want_symbol(kt.name)]
+                               psa_information.psa_want_symbol(kt.name)]
         if kt.params is not None:
             import_dependencies += [('!' if param == i else '') +
-                                    psa_want_symbol(sym)
+                                    psa_information.psa_want_symbol(sym)
                                     for i, sym in enumerate(kt.params)]
         if kt.name.endswith('_PUBLIC_KEY'):
             generate_dependencies = []
@@ -178,7 +84,7 @@
         for bits in kt.sizes_to_test():
             yield test_case_for_key_type_not_supported(
                 'import', kt.expression, bits,
-                finish_family_dependencies(import_dependencies, bits),
+                psa_information.finish_family_dependencies(import_dependencies, bits),
                 test_case.hex_string(kt.key_material(bits)),
                 param_descr=param_descr,
             )
@@ -192,7 +98,7 @@
             if not kt.is_public():
                 yield test_case_for_key_type_not_supported(
                     'generate', kt.expression, bits,
-                    finish_family_dependencies(generate_dependencies, bits),
+                    psa_information.finish_family_dependencies(generate_dependencies, bits),
                     str(bits),
                     param_descr=param_descr,
                 )
@@ -224,7 +130,7 @@
 ) -> test_case.TestCase:
     """Return one test case exercising a key generation.
     """
-    hack_dependencies_not_implemented(dependencies)
+    psa_information.hack_dependencies_not_implemented(dependencies)
     tc = test_case.TestCase()
     short_key_type = crypto_knowledge.short_expression(key_type)
     tc.set_description('PSA {} {}-bit'
@@ -238,7 +144,7 @@
 class KeyGenerate:
     """Generate positive and negative (invalid argument) test cases for key generation."""
 
-    def __init__(self, info: Information) -> None:
+    def __init__(self, info: psa_information.Information) -> None:
         self.constructors = info.constructors
 
     ECC_KEY_TYPES = ('PSA_KEY_TYPE_ECC_KEY_PAIR',
@@ -255,9 +161,9 @@
         """
         result = 'PSA_SUCCESS'
 
-        import_dependencies = [psa_want_symbol(kt.name)]
+        import_dependencies = [psa_information.psa_want_symbol(kt.name)]
         if kt.params is not None:
-            import_dependencies += [psa_want_symbol(sym)
+            import_dependencies += [psa_information.psa_want_symbol(sym)
                                     for i, sym in enumerate(kt.params)]
         if kt.name.endswith('_PUBLIC_KEY'):
             # The library checks whether the key type is a public key generically,
@@ -272,7 +178,7 @@
         for bits in kt.sizes_to_test():
             yield test_case_for_key_generation(
                 kt.expression, bits,
-                finish_family_dependencies(generate_dependencies, bits),
+                psa_information.finish_family_dependencies(generate_dependencies, bits),
                 str(bits),
                 result
             )
@@ -299,7 +205,7 @@
         INCOMPATIBLE = 2
         PUBLIC = 3
 
-    def __init__(self, info: Information) -> None:
+    def __init__(self, info: psa_information.Information) -> None:
         self.constructors = info.constructors
         key_type_expressions = self.constructors.generate_expressions(
             sorted(self.constructors.key_types)
@@ -336,7 +242,7 @@
                                    pretty_alg,
                                    pretty_reason,
                                    ' with ' + pretty_type if pretty_type else ''))
-        dependencies = automatic_dependencies(alg.base_expression, key_type)
+        dependencies = psa_information.automatic_dependencies(alg.base_expression, key_type)
         for i, dep in enumerate(dependencies):
             if dep in not_deps:
                 dependencies[i] = '!' + dep
@@ -363,7 +269,7 @@
         """Generate failure test cases for keyless operations with the specified algorithm."""
         if alg.can_do(category):
             # Compatible operation, unsupported algorithm
-            for dep in automatic_dependencies(alg.base_expression):
+            for dep in psa_information.automatic_dependencies(alg.base_expression):
                 yield self.make_test_case(alg, category,
                                           self.Reason.NOT_SUPPORTED,
                                           not_deps=frozenset([dep]))
@@ -381,7 +287,7 @@
             key_is_compatible = kt.can_do(alg)
             if key_is_compatible and alg.can_do(category):
                 # Compatible key and operation, unsupported algorithm
-                for dep in automatic_dependencies(alg.base_expression):
+                for dep in psa_information.automatic_dependencies(alg.base_expression):
                     yield self.make_test_case(alg, category,
                                               self.Reason.NOT_SUPPORTED,
                                               kt=kt, not_deps=frozenset([dep]))
@@ -487,10 +393,10 @@
 class StorageFormat:
     """Storage format stability test cases."""
 
-    def __init__(self, info: Information, version: int, forward: bool) -> None:
+    def __init__(self, info: psa_information.Information, version: int, forward: bool) -> None:
         """Prepare to generate test cases for storage format stability.
 
-        * `info`: information about the API. See the `Information` class.
+        * `info`: information about the API. See the `psa_information.Information` class.
         * `version`: the storage format version to generate test cases for.
         * `forward`: if true, generate forward compatibility test cases which
           save a key and check that its representation is as intended. Otherwise
@@ -557,11 +463,11 @@
         verb = 'save' if self.forward else 'read'
         tc = test_case.TestCase()
         tc.set_description(verb + ' ' + key.description)
-        dependencies = automatic_dependencies(
+        dependencies = psa_information.automatic_dependencies(
             key.lifetime.string, key.type.string,
             key.alg.string, key.alg2.string,
         )
-        dependencies = finish_family_dependencies(dependencies, key.bits)
+        dependencies = psa_information.finish_family_dependencies(dependencies, key.bits)
         tc.set_dependencies(dependencies)
         tc.set_function('key_storage_' + verb)
         if self.forward:
@@ -766,13 +672,13 @@
 class StorageFormatForward(StorageFormat):
     """Storage format stability test cases for forward compatibility."""
 
-    def __init__(self, info: Information, version: int) -> None:
+    def __init__(self, info: psa_information.Information, version: int) -> None:
         super().__init__(info, version, True)
 
 class StorageFormatV0(StorageFormat):
     """Storage format stability test cases for version 0 compatibility."""
 
-    def __init__(self, info: Information) -> None:
+    def __init__(self, info: psa_information.Information) -> None:
         super().__init__(info, 0, False)
 
     def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]:
@@ -882,6 +788,7 @@
         yield from super().generate_all_keys()
         yield from self.all_keys_for_implicit_usage()
 
+
 class PSATestGenerator(test_data_generation.TestGenerator):
     """Test generator subclass including PSA targets and info."""
     # Note that targets whose names contain 'test_format' have their content
@@ -891,20 +798,23 @@
         lambda info: KeyGenerate(info).test_cases_for_key_generation(),
         'test_suite_psa_crypto_not_supported.generated':
         lambda info: KeyTypeNotSupported(info).test_cases_for_not_supported(),
+        'test_suite_psa_crypto_low_hash.generated':
+        lambda info: crypto_data_tests.HashPSALowLevel(info).all_test_cases(),
         'test_suite_psa_crypto_op_fail.generated':
         lambda info: OpFail(info).all_test_cases(),
         'test_suite_psa_crypto_storage_format.current':
         lambda info: StorageFormatForward(info, 0).all_test_cases(),
         'test_suite_psa_crypto_storage_format.v0':
         lambda info: StorageFormatV0(info).all_test_cases(),
-    } #type: Dict[str, Callable[[Information], Iterable[test_case.TestCase]]]
+    } #type: Dict[str, Callable[[psa_information.Information], Iterable[test_case.TestCase]]]
 
     def __init__(self, options):
         super().__init__(options)
-        self.info = Information()
+        self.info = psa_information.Information()
 
     def generate_target(self, name: str, *target_args) -> None:
         super().generate_target(name, self.info)
 
+
 if __name__ == '__main__':
     test_data_generation.main(sys.argv[1:], __doc__, PSATestGenerator)
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 401b89d..0edb626 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -279,9 +279,18 @@
 
 # Space-separated list of ciphersuites supported by this build of
 # Mbed TLS.
-P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null |
-                   grep TLS- |
-                   tr -s ' \n' ' ')"
+P_CIPHERSUITES=""
+if [ "$LIST_TESTS" -eq 0 ]; then
+    P_CIPHERSUITES=" $($P_CLI help_ciphersuites 2>/dev/null |
+                       grep 'TLS-' |
+                       tr -s ' \n' ' ')"
+
+    if [ -z "${P_CIPHERSUITES# }" ]; then
+        echo >&2 "$0: fatal error: no cipher suites found!"
+        exit 125
+    fi
+fi
+
 requires_ciphersuite_enabled() {
     case $P_CIPHERSUITES in
         *" $1 "*) :;;
@@ -8997,7 +9006,6 @@
 requires_config_enabled MBEDTLS_SHA256_C
 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_CHACHAPOLY_C
 requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
             -p "$P_PXY mtu=512" \
@@ -9011,7 +9019,7 @@
              crt_file=data_files/server8_int-ca2.crt \
              key_file=data_files/server8.key \
              exchanges=2 renegotiation=1 renegotiate=1 \
-             force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+             force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
              hs_timeout=10000-60000 \
              mtu=512" \
             0 \
@@ -9029,8 +9037,6 @@
 requires_config_enabled MBEDTLS_SHA256_C
 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
 requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, AES-GCM renego" \
             -p "$P_PXY mtu=512" \
@@ -9062,8 +9068,6 @@
 requires_config_enabled MBEDTLS_SHA256_C
 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CCM_C
 requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, AES-CCM renego" \
             -p "$P_PXY mtu=1024" \
@@ -9095,8 +9099,6 @@
 requires_config_enabled MBEDTLS_SHA256_C
 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
 requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
 requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
@@ -9129,8 +9131,6 @@
 requires_config_enabled MBEDTLS_SHA256_C
 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
 requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
             -p "$P_PXY mtu=1024" \
diff --git a/tests/suites/test_suite_psa_crypto_low_hash.function b/tests/suites/test_suite_psa_crypto_low_hash.function
new file mode 100644
index 0000000..6dabcef
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_low_hash.function
@@ -0,0 +1,209 @@
+/* BEGIN_HEADER */
+/*
+ * Test suite for the PSA hash built-in driver
+ *
+ * This test suite exercises some aspects of the built-in PSA driver for
+ * hash algorithms (psa_crypto_hash.c). This code is mostly tested via
+ * the application interface (above the PSA API layer) and via tests of
+ * individual hash modules. The goal of this test suite is to ensure that
+ * the driver dispatch layer behaves correctly even when not invoked via
+ * the API layer, but directly from another driver.
+ *
+ * This test suite is currently incomplete. It focuses on non-regression
+ * tests for past bugs or near misses.
+ */
+
+#include <psa_crypto_hash.h>
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_BUILTIN_HASH
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void hash_valid_one_shot(int alg_arg, data_t *input,
+                         data_t *expected)
+{
+    psa_algorithm_t alg = alg_arg;
+    uint8_t *output = NULL;
+    size_t output_size = expected->len;
+    size_t length = SIZE_MAX;
+
+    /* Nominal case */
+    ASSERT_ALLOC(output, output_size);
+    TEST_EQUAL(mbedtls_psa_hash_compute(alg, input->x, input->len,
+                                        output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected->x, expected->len, output, length);
+    mbedtls_free(output);
+    output = NULL;
+
+    /* Larger output buffer */
+    output_size = expected->len + 1;
+    ASSERT_ALLOC(output, output_size);
+    TEST_EQUAL(mbedtls_psa_hash_compute(alg, input->x, input->len,
+                                        output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected->x, expected->len, output, length);
+    mbedtls_free(output);
+    output = NULL;
+
+    /* We don't test with a smaller output buffer because this isn't
+     * guaranteed to work: the core must pass a sufficiently large
+     * output buffer to the driver. */
+
+exit:
+    mbedtls_free(output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_valid_multipart(int alg_arg,
+                          data_t *input1, data_t *expected1,
+                          data_t *input2, data_t *expected2)
+{
+    psa_algorithm_t alg = alg_arg;
+    uint8_t *output = NULL;
+    size_t output_size = expected1->len;
+    size_t length = SIZE_MAX;
+    mbedtls_psa_hash_operation_t operation0; // original
+    memset(&operation0, 0, sizeof(operation0));
+    mbedtls_psa_hash_operation_t clone_start; // cloned after setup
+    memset(&clone_start, 0, sizeof(clone_start));
+    mbedtls_psa_hash_operation_t clone_middle; // cloned between updates
+    memset(&clone_middle, 0, sizeof(clone_middle));
+    mbedtls_psa_hash_operation_t clone_end; // cloned before finish
+    memset(&clone_end, 0, sizeof(clone_end));
+    mbedtls_psa_hash_operation_t clone_more; // cloned before finish
+    memset(&clone_more, 0, sizeof(clone_more));
+
+    /* Nominal case with two update calls */
+    ASSERT_ALLOC(output, output_size);
+    TEST_EQUAL(mbedtls_psa_hash_setup(&operation0, alg),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_clone(&operation0, &clone_start),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_update(&operation0, input1->x, input1->len),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_clone(&operation0, &clone_middle),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_update(&operation0, input2->x, input2->len),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_clone(&operation0, &clone_end),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_finish(&operation0,
+                                       output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected2->x, expected2->len, output, length);
+
+    /* Nominal case with an operation cloned after setup */
+    memset(output, 0, output_size);
+    TEST_EQUAL(mbedtls_psa_hash_update(&clone_start, input1->x, input1->len),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_finish(&clone_start,
+                                       output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected1->x, expected1->len, output, length);
+
+    /* Nominal case with an operation cloned between updates */
+    memset(output, 0, output_size);
+    TEST_EQUAL(mbedtls_psa_hash_update(&clone_middle, input2->x, input2->len),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_finish(&clone_middle,
+                                       output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected2->x, expected2->len, output, length);
+
+    /* Nominal case with an operation cloned before finish */
+    TEST_EQUAL(mbedtls_psa_hash_clone(&clone_end, &clone_more),
+               PSA_SUCCESS);
+    memset(output, 0, output_size);
+    TEST_EQUAL(mbedtls_psa_hash_finish(&clone_end,
+                                       output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected2->x, expected2->len, output, length);
+    mbedtls_free(output);
+    output = NULL;
+
+    /* Larger output buffer */
+    TEST_EQUAL(mbedtls_psa_hash_clone(&clone_more, &clone_end),
+               PSA_SUCCESS);
+    output_size = expected2->len + 1;
+    ASSERT_ALLOC(output, output_size);
+    TEST_EQUAL(mbedtls_psa_hash_finish(&clone_end,
+                                       output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected2->x, expected2->len, output, length);
+    mbedtls_free(output);
+    output = NULL;
+
+    /* We don't test with a smaller output buffer because this isn't
+     * guaranteed to work: the core must pass a sufficiently large
+     * output buffer to the driver. */
+
+    /* Nominal case again after an error in a cloned operation */
+    output_size = expected2->len;
+    ASSERT_ALLOC(output, output_size);
+    TEST_EQUAL(mbedtls_psa_hash_finish(&clone_more,
+                                       output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected2->x, expected2->len, output, length);
+    mbedtls_free(output);
+    output = NULL;
+
+exit:
+    mbedtls_free(output);
+    mbedtls_psa_hash_abort(&operation0);
+    mbedtls_psa_hash_abort(&clone_start);
+    mbedtls_psa_hash_abort(&clone_middle);
+    mbedtls_psa_hash_abort(&clone_end);
+    mbedtls_psa_hash_abort(&clone_more);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_empty(int alg_arg, data_t *expected)
+{
+    psa_algorithm_t alg = alg_arg;
+    uint8_t *output = NULL;
+    size_t output_size = expected->len;
+    size_t length = SIZE_MAX;
+    mbedtls_psa_hash_operation_t operation;
+    memset(&operation, 0, sizeof(operation));
+
+    ASSERT_ALLOC(output, output_size);
+
+    /* One-shot */
+    TEST_EQUAL(mbedtls_psa_hash_compute(alg, NULL, 0,
+                                        output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected->x, expected->len, output, length);
+
+    /* Multipart, no update */
+    memset(output, 0, output_size);
+    TEST_EQUAL(mbedtls_psa_hash_setup(&operation, alg),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_finish(&operation,
+                                       output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected->x, expected->len, output, length);
+
+    /* Multipart, one update */
+    memset(output, 0, output_size);
+    memset(&operation, 0, sizeof(operation));
+    TEST_EQUAL(mbedtls_psa_hash_setup(&operation, alg),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_update(&operation, NULL, 0),
+               PSA_SUCCESS);
+    TEST_EQUAL(mbedtls_psa_hash_finish(&operation,
+                                       output, output_size, &length),
+               PSA_SUCCESS);
+    ASSERT_COMPARE(expected->x, expected->len, output, length);
+
+exit:
+    mbedtls_free(output);
+    mbedtls_psa_hash_abort(&operation);
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_low_hash.generated.data b/tests/suites/test_suite_psa_crypto_low_hash.generated.data
new file mode 100644
index 0000000..30cc9cf
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_low_hash.generated.data
@@ -0,0 +1,171 @@
+# Automatically generated by generate_psa_tests.py. Do not edit!
+
+hash_empty MD5
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_MD5
+hash_empty:PSA_ALG_MD5:"d41d8cd98f00b204e9800998ecf8427e"
+
+hash_valid_one_shot MD5
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_MD5
+hash_valid_one_shot:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
+
+hash_valid_multipart 0 + 179 MD5
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_MD5
+hash_valid_multipart:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e":"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"581d07c1c1cf41c302d587ca06659166"
+
+hash_valid_multipart 1 + 178 MD5
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_MD5
+hash_valid_multipart:PSA_ALG_MD5:"48":"c1d9f50f86825a1a2302ec2449c17196":"656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"581d07c1c1cf41c302d587ca06659166"
+
+hash_valid_multipart 64 + 115 MD5
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_MD5
+hash_valid_multipart:PSA_ALG_MD5:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d":"f643f3cdd664a99674b060a871e5cdf6":"2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"581d07c1c1cf41c302d587ca06659166"
+
+hash_valid_multipart 178 + 1 MD5
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_MD5
+hash_valid_multipart:PSA_ALG_MD5:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e67":"484d9ce483e5d65fa93622e5e0502163":"21":"581d07c1c1cf41c302d587ca06659166"
+
+hash_valid_multipart 179 + 0 MD5
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_MD5
+hash_valid_multipart:PSA_ALG_MD5:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"581d07c1c1cf41c302d587ca06659166":"":"581d07c1c1cf41c302d587ca06659166"
+
+hash_empty SHA_1
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_1
+hash_empty:PSA_ALG_SHA_1:"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+hash_valid_one_shot SHA_1
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_1
+hash_valid_one_shot:PSA_ALG_SHA_1:"616263":"a9993e364706816aba3e25717850c26c9cd0d89d"
+
+hash_valid_multipart 0 + 179 SHA_1
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_1
+hash_valid_multipart:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709":"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"68e3b2a18096d66916a64b84085772c1ee2b7e72"
+
+hash_valid_multipart 1 + 178 SHA_1
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_1
+hash_valid_multipart:PSA_ALG_SHA_1:"48":"7cf184f4c67ad58283ecb19349720b0cae756829":"656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"68e3b2a18096d66916a64b84085772c1ee2b7e72"
+
+hash_valid_multipart 64 + 115 SHA_1
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_1
+hash_valid_multipart:PSA_ALG_SHA_1:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d":"750ba870591b392b0a82a93715018733809d6d60":"2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"68e3b2a18096d66916a64b84085772c1ee2b7e72"
+
+hash_valid_multipart 178 + 1 SHA_1
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_1
+hash_valid_multipart:PSA_ALG_SHA_1:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e67":"95147c023be4f648064a8003d856901dd4cae0aa":"21":"68e3b2a18096d66916a64b84085772c1ee2b7e72"
+
+hash_valid_multipart 179 + 0 SHA_1
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_1
+hash_valid_multipart:PSA_ALG_SHA_1:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"68e3b2a18096d66916a64b84085772c1ee2b7e72":"":"68e3b2a18096d66916a64b84085772c1ee2b7e72"
+
+hash_empty SHA_224
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_224
+hash_empty:PSA_ALG_SHA_224:"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+hash_valid_one_shot SHA_224
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_224
+hash_valid_one_shot:PSA_ALG_SHA_224:"616263":"23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7"
+
+hash_valid_multipart 0 + 179 SHA_224
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_224
+hash_valid_multipart:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f":"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"6e2ca0f9c283b6c8759e761d8bd1dd5dba0a49af1dff64f9beb2e444"
+
+hash_valid_multipart 1 + 178 SHA_224
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_224
+hash_valid_multipart:PSA_ALG_SHA_224:"48":"7e27c59a202f5e2b2b3b5458300140ef7aa7edc3a97a605b788546a1":"656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"6e2ca0f9c283b6c8759e761d8bd1dd5dba0a49af1dff64f9beb2e444"
+
+hash_valid_multipart 64 + 115 SHA_224
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_224
+hash_valid_multipart:PSA_ALG_SHA_224:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d":"ee50241ec35c16da236ed1d98a67635ec684dcaa205d59ef91a0bc95":"2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"6e2ca0f9c283b6c8759e761d8bd1dd5dba0a49af1dff64f9beb2e444"
+
+hash_valid_multipart 178 + 1 SHA_224
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_224
+hash_valid_multipart:PSA_ALG_SHA_224:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e67":"b28b9b1080f8ba1f274c41ad40823dca0d6e575abaa42c5b01588cd2":"21":"6e2ca0f9c283b6c8759e761d8bd1dd5dba0a49af1dff64f9beb2e444"
+
+hash_valid_multipart 179 + 0 SHA_224
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_224
+hash_valid_multipart:PSA_ALG_SHA_224:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"6e2ca0f9c283b6c8759e761d8bd1dd5dba0a49af1dff64f9beb2e444":"":"6e2ca0f9c283b6c8759e761d8bd1dd5dba0a49af1dff64f9beb2e444"
+
+hash_empty SHA_256
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_empty:PSA_ALG_SHA_256:"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+hash_valid_one_shot SHA_256
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_valid_one_shot:PSA_ALG_SHA_256:"616263":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+hash_valid_multipart 0 + 179 SHA_256
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_valid_multipart:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"4d30d19911e5974d669fa735cbd7a5b03dbea5754fc1d52f8c2a5d08ae7110dc"
+
+hash_valid_multipart 1 + 178 SHA_256
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_valid_multipart:PSA_ALG_SHA_256:"48":"44bd7ae60f478fae1061e11a7739f4b94d1daf917982d33b6fc8a01a63f89c21":"656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"4d30d19911e5974d669fa735cbd7a5b03dbea5754fc1d52f8c2a5d08ae7110dc"
+
+hash_valid_multipart 64 + 115 SHA_256
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_valid_multipart:PSA_ALG_SHA_256:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d":"ac068007f505c49f58818543ba0566528b54caffe65494da3515a8295ca986ad":"2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"4d30d19911e5974d669fa735cbd7a5b03dbea5754fc1d52f8c2a5d08ae7110dc"
+
+hash_valid_multipart 178 + 1 SHA_256
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_valid_multipart:PSA_ALG_SHA_256:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e67":"82effb9677d08d1ef33f578433cfcfb96355fe19372808e0711d72337671f152":"21":"4d30d19911e5974d669fa735cbd7a5b03dbea5754fc1d52f8c2a5d08ae7110dc"
+
+hash_valid_multipart 179 + 0 SHA_256
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_valid_multipart:PSA_ALG_SHA_256:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"4d30d19911e5974d669fa735cbd7a5b03dbea5754fc1d52f8c2a5d08ae7110dc":"":"4d30d19911e5974d669fa735cbd7a5b03dbea5754fc1d52f8c2a5d08ae7110dc"
+
+hash_empty SHA_384
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+hash_empty:PSA_ALG_SHA_384:"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+hash_valid_one_shot SHA_384
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+hash_valid_one_shot:PSA_ALG_SHA_384:"616263":"cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7"
+
+hash_valid_multipart 0 + 179 SHA_384
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+hash_valid_multipart:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b":"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"23d654bbaa58d813adce62c4a6e94a5589d9104b0c908173c583eb1aefe08f884b2c90e945e9c27ac3cdfa80fb8e1efd"
+
+hash_valid_multipart 1 + 178 SHA_384
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+hash_valid_multipart:PSA_ALG_SHA_384:"48":"72df8089b04fd6038238731b218a64da29bd83a34bced02a29f3139833671028584a653f74f1afecfac51064a0e6416c":"656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"23d654bbaa58d813adce62c4a6e94a5589d9104b0c908173c583eb1aefe08f884b2c90e945e9c27ac3cdfa80fb8e1efd"
+
+hash_valid_multipart 64 + 115 SHA_384
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+hash_valid_multipart:PSA_ALG_SHA_384:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d":"fced26dd21bb61dbb69f704e8aa6cd6e00da4ceecfc55dc94fe48458bc72fb603c23186150923578e4a7237af0e6105c":"2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"23d654bbaa58d813adce62c4a6e94a5589d9104b0c908173c583eb1aefe08f884b2c90e945e9c27ac3cdfa80fb8e1efd"
+
+hash_valid_multipart 178 + 1 SHA_384
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+hash_valid_multipart:PSA_ALG_SHA_384:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e67":"30d426688d31277644b0aa8c32435a36c17f2b8ef20c17e2069405951d01d0e66983e4f98ae1103f85b5e94862ea8b59":"21":"23d654bbaa58d813adce62c4a6e94a5589d9104b0c908173c583eb1aefe08f884b2c90e945e9c27ac3cdfa80fb8e1efd"
+
+hash_valid_multipart 179 + 0 SHA_384
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+hash_valid_multipart:PSA_ALG_SHA_384:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"23d654bbaa58d813adce62c4a6e94a5589d9104b0c908173c583eb1aefe08f884b2c90e945e9c27ac3cdfa80fb8e1efd":"":"23d654bbaa58d813adce62c4a6e94a5589d9104b0c908173c583eb1aefe08f884b2c90e945e9c27ac3cdfa80fb8e1efd"
+
+hash_empty SHA_512
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+hash_empty:PSA_ALG_SHA_512:"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
+
+hash_valid_one_shot SHA_512
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+hash_valid_one_shot:PSA_ALG_SHA_512:"616263":"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"
+
+hash_valid_multipart 0 + 179 SHA_512
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+hash_valid_multipart:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e":"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"f01271da8ba8505cc60393b497939b10a7e8c9e4fb4e636bac3ca92d5bec0d6d3d9f19ee9229173e40840e14740214fe454893a044d1da5aca4ef9b830d0dab0"
+
+hash_valid_multipart 1 + 178 SHA_512
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+hash_valid_multipart:PSA_ALG_SHA_512:"48":"9032fb94055d4d14e42185bdff59642b98fe6073f68f29d394620c4e698a86fb2e51351ca6997e6a164aae0b871cf789fbc6e0d863733d05903b4eb11be58d9c":"656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"f01271da8ba8505cc60393b497939b10a7e8c9e4fb4e636bac3ca92d5bec0d6d3d9f19ee9229173e40840e14740214fe454893a044d1da5aca4ef9b830d0dab0"
+
+hash_valid_multipart 64 + 115 SHA_512
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+hash_valid_multipart:PSA_ALG_SHA_512:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d":"98cde721bfa735807497358c48c5e5d4302410f30c3afc3b08f40da267d23a28a88ecdd9d52711189fa2ddca54343e37a14d401aee3ac47df3b469c15906bce1":"2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"f01271da8ba8505cc60393b497939b10a7e8c9e4fb4e636bac3ca92d5bec0d6d3d9f19ee9229173e40840e14740214fe454893a044d1da5aca4ef9b830d0dab0"
+
+hash_valid_multipart 178 + 1 SHA_512
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+hash_valid_multipart:PSA_ALG_SHA_512:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e67":"0d86ca214f7634d86c13f95068b226d16bd1e65337da4983ce88e82fa2515957495fc6c50b2afb677bea54de9e1b8e7c694591605c514abed7fdc18f181fe01c":"21":"f01271da8ba8505cc60393b497939b10a7e8c9e4fb4e636bac3ca92d5bec0d6d3d9f19ee9229173e40840e14740214fe454893a044d1da5aca4ef9b830d0dab0"
+
+hash_valid_multipart 179 + 0 SHA_512
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+hash_valid_multipart:PSA_ALG_SHA_512:"48656c6c6f2c20776f726c642e20486572652061726520313620756e7072696e7461626c652062797465733a205b000102030405060708090a80818283feff5d2e202054686973206d657373616765207761732062726f7567687420746f20796f752062792061206e61747572616c20696e74656c6c6967656e63652e2020496620796f752063616e207265616420746869732c20676f6f64206c75636b207769746820796f757220646562756767696e6721":"f01271da8ba8505cc60393b497939b10a7e8c9e4fb4e636bac3ca92d5bec0d6d3d9f19ee9229173e40840e14740214fe454893a044d1da5aca4ef9b830d0dab0":"":"f01271da8ba8505cc60393b497939b10a7e8c9e4fb4e636bac3ca92d5bec0d6d3d9f19ee9229173e40840e14740214fe454893a044d1da5aca4ef9b830d0dab0"
+
+# End of automatically generated file.
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 406a063..6ffba84 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -2781,6 +2781,18 @@
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
 mbedtls_x509_csr_parse:"308201183081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf97243":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA1\nEC key size   \: 256 bits\n":0
 
+X509 CSR ASN.1 (Unsupported critical extension, critical=true, ignore for backwards compatibility)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+mbedtls_x509_csr_parse:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"CSR version   \: 1\nsubject name  \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using  \: ECDSA with SHA256\nEC key size   \: 256 bits\n":0
+
+X509 CSR ASN.1 (Unsupported non-critical extension, critical=false)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+mbedtls_x509_csr_parse:"308201243081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004b5e718a7df6b21912733e77c42f266b8283e6cae7adf8afd56b990c1c6232ea0a2a46097c218353bc948444aea3d00423e84802e28c48099641fe9977cdfb505a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101000403010101300a06082a8648ce3d0403020348003045022100f0ba9a0846ad0a7cefd0a61d5fc92194dc06037a44158de2d0c569912c058d430220421f27a9f249c1687e2fa34db3f543c8512fd925dfe5ae00867f13963ffd4f8d":"CSR version   \: 1\nsubject name  \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using  \: ECDSA with SHA256\nEC key size   \: 256 bits\n":0
+
+X509 CSR ASN.1 (Unsupported non-critical extension, critical undefined)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+mbedtls_x509_csr_parse:"308201223081c802010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d030107034200045f94b28d133418833bf10c442d91306459d3925e7cea06ebb9220932e7de116fb671c5d2d6c0a3784a12897217aef8432e7228fcea0ab016bdb67b67ced4c612a025302306092a864886f70d01090e311630143012060b2b0601040183890c8622020403010101300a06082a8648ce3d04030203490030460221009b1e8b25775c18525e96753e1ed55875f8d62f026c5b7f70eb5037ad27dc92de022100ba1dfe14de6af6a603f763563fd046b1cd3714b54d6daf5d8a72076497f11014":"CSR version   \: 1\nsubject name  \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using  \: ECDSA with SHA256\nEC key size   \: 256 bits\n":0
+
 X509 CSR ASN.1 (bad first tag)
 mbedtls_x509_csr_parse:"3100":"":MBEDTLS_ERR_X509_INVALID_FORMAT